As excitement about biometric authentication has grown over the years, a number of companies have found great success by embracing the popular modalities associated with mobile devices, i.e. fingerprint and facial recognition. Aerendir, meanwhile, has done something different, engineering a truly unique authentication solution that takes a completely different approach, yet still leverages the sophisticated sensor technology found in contemporary smartphones. The company’s technology uses the subtle micro-movements of hand muscles triggered by brain activity to establish a biometric profile of an end user, and Aerendir says this solution is able to authenticate users passively, essentially running in the background while the end user simply uses their device.
It’s a fascinating approach to authentication, and one that Aerendir CEO Dr. Martin Zizi was happy to detail in a new interview with FindBiometrics, ahead of an upcoming fireside chat session in this week’s FindBiometrics Identity Summit. After delving into the essential operation of Aerendir’s solution, Dr. Zizi lays out the experience for the end user and discusses the importance of liveness detection (saying Aerendir’s physiological biometrics “cannot be spoofed”), before touching on the nuisance of bots, bridging the physical and digital divide, and the evolution of physiological biometrics going forward…
FindBiometrics: Aerendir’s physiologic biometrics technology embodies a new paradigm of how we identify using our mobile devices. How does Aerendir’s technology measure the biometrics of our brain using our smartphones?
Dr. Martin Zizi, CEO, Aerendir: We are fortunate in fact – the brain is connected to our INDIVIDUAL muscle cells, everywhere under our skin. Those individual muscle fibers (as they are called) truly shiver 10-20 times a second, and in the hand alone we deal with hundreds of thousands of such fibers. Those shivers are barely visible – they are NOT linked to large-scale motions or behaviors – but they originate in the neuro-muscular junctions, the part of the nervous system connected to the muscles, and they exert a mechanical effect that can be very precisely measured. The Mechanical Sensors (MEMS) present in mobile devices (phones and tablets) that are there to keep the screen in its correct position are sensitive enough to measure those tiny micro-motions. And we can – with our skilled signal processing and analytics – make sense of them.
Because those signals reflect the wiring – all the true neural nets – of the motor part of our brains, and because the circuits in our brains contain an actual image of our body, there are no two persons with the same physiological signal. This body image is also very stable, as otherwise we would not be able to move about in our environment. One can think about phantom pain that keeps some people feeling a missing limb for two-to-three years. This is the time our brains need to re-wire this part of the cortex and to reprogram the brain to work without this missing limb.
The type of information we can extract from those tiny signals is hence equivalent to a STABLE password of 1 million characters in length, that can both be used to identify a person or to encrypt his/her data. With this technology, the body truly becomes the password. If we analyze those signals at less depth, it also becomes super easy to separate the generic human from any non-human actors or even the most sophisticated AI bots that are becoming so common these days. And because there is no better way to ascertain human liveliness than to use live signals, our liveliness is not image-based or metadata, it is life itself.
In addition, there are other features of human neuromuscular physiology that are part of such signals like age, hormonal status, alcohol or drugs that can also be extracted by such technology. This technology is actually a neural tapping interface.
FindBiometrics: Given how much of the authentication with Aerendir happens in the background, I feel comfortable classifying it as one of the rare “invisible biometrics.” What is the end-user experience when Aerendir is protecting their financial services session (for instance: conducting online banking transactions)?
Aerendir: Truly invisible indeed. We could even use a slogan like: “You Can Touch This and it Happens.” What I mean by this is that the tech is truly frictionless. The training is frictionless as it occurs in the background whenever a person uses his/her mobile device, under the protection of the on-board device security feature. The user is prompted when the product will start to ‘learn’ them, and then when it is activated – if so decided. Such training period strictly remains at the edge – on the device – as our AI never needs to connect to the cloud for any analytics or computations. ALL remains on the device – and by not having exchanges and centralized databases, one avoids the systemic breaches that will always occur. Why is this so crucial? Because any of us can easily survive the loss of a bank account, or a social security number – we can get a new one. But we cannot get a new set of fingers, a new face – hence any loss dealing with biometrics is perpetual. Once one’s biometric identity is breached, it can no longer be trusted – it will lead to second-rate citizenship in the future of the Internet and the IoT.
Once trained, the Aerendir product will unleash its power and – if prompted – when the user touches his/her now very personal device – anything that needs authentication and identification can happen. One does not even have to think about it – it is once again totally frictionless, it just happens. There are 122 billion transactions yearly in the United States, out of which seven percent of all financial transactions (including remote payment) are impersonated and fraudulent. Financial services including banking and secure transfer of money are the most vulnerable point of attack. Biometrics is indeed a much needed and common solution, however there is a lot of user friction in securing those transactions. Biometric authentication creates a sense of comfort and security in the minds of the users as more and more financial transactions now happen online. However, passwords are passé and easily stolen, and hard to remember when they are strong. Cash dispensers are compromised with card skimmers and pinhole cameras.
Charge card fraud escalates at the point of sale. Protection that was once strong is now weak. Biometrics can restore that strength: those attacks are tougher if the thief must also possess the victim’s biometric identity. Financial institutions want that added protection for their clients and themselves. And the way we built our solution is truly unhackable. Imagine a piano keyboard: each of us has his/her own music to play, but because we never use the raw signals, it is like having a specific tuning to the instrument – even with the right melody it will still be out of tune as we never use the raw signals, but we extract unique signatures.
So the user, whether it will be via their mobile devices or online at the banking interface, will just be challenged to touch their phones at the needed times, like entering one’s bank account or authorizing the requested transaction and funds transfer. Just “Touch it” and it is done.
Contrary to numerous companies that build solutions and then try to fit them to the customers’ needs, we talked with users first and then built our products: privacy, safety and ease of use are baked inside what we do.
FindBiometrics: It strikes me that, given their reliance on a user’s biological minutiae, physiologic biometrics would be very difficult (if not impossible) to spoof. What is your position on liveness detection when it comes to protecting users from fraud?
Aerendir: True physiological biometrics using live signals cannot be spoofed. And it is much more than just the density of the available information – the minutiae as you say it. As those signals are never the same, there is NO WAY that statistical analysis and adversarial networks can make sense of it, and then impersonate someone. This is the only biometric solution that can withstand attacks based on big data and AI. Because no code and no machine will ever be able to make sense of what is essentially entropic. I hope that this becomes very clear to everyone: when the input data are never the same one cannot analyze them, nor reverse-engineer them. However having entropic signals as base information does not kill this information, it all boils down to invariants, some of which are user-specific, some not.
As I explained, it is a bit like the keyboard of a piano. Each of us has our own little music – this would be the Neuroprint, this unique neuromuscular signature – so each of us has a certain combination of those keys, hit with a certain force/power. But at the same time, the keyboard itself is tuned in a certain way, and just playing back the musical partition if the keyboard is not tuned well will never work.
As I always say, it is not what you do that is important but ‘how’ you do it, and we do it in a way that offers the highest resistance to systemic hack, and makes spoofing impossible. But I have to add that the phrase ‘physiological biometrics’ is abused at times. When one uses a face, even with 3D, or a finger, one uses anatomical features, NOT live physiology. CGI (computer graphic imaging) has opened the era of deep fakes, that cannot even be separated from reality. Some products exist to check for some subtle signs of such fakery – but honestly, if one knows how to do this, one does not leave any traces.
Hollywood had a movie where a dead actress was playing a leading role. And for a year now such high-end technology has gone mobile via one of the largest phone manufacturers – so any system that is image-based is actually doomed to fail, even if one does not dare to tell it like it is. For example, iris scan spoofing can simply take place by using a printed image of a person’s iris on a contact lens. One cyber attack happens every 39 seconds. So, there must be a solution that will free online users from the prying eyes of humans and bots with malicious intent. In a report dated a few years back, the total e-transactions volume in the US market alone reached 79 trillion dollars spread across 122 billion individual transactions, and 7 percent were lost to identity theft. This represents 6 billion lost each year by us as a ‘whole’. And working from home did not decrease the numbers. You do not see the pain, because it is insured, but it drives the costs of everything up for everyone. So just taming a portion of that monster would save hundreds of millions of dollars. And to tame it, we also need to tame the AI bots – you see the problem goes way beyond what standard spoofing is. And this is where true Liveliness is critical.
FindBiometrics: In the upcoming FindBiometrics Identity Summit, you will be sitting down with FindBiometrics’ Peter Counter to talk about bot detection, among other things. How big of a nuisance are bots in the financial services space, and how can physiological biometrics mitigate the threat they present?
Aerendir: Bots are a big nuisance in all industries – especially when dealing with cloud services. For a couple of years we have known that 50 percent of the bandwidth of the Internet is gobbled up by bot traffic. This drags the whole system down, drives costs up for ANY web hosting platform, increases costs for true online advertising, drags down the quality and reliability of the news and the media, creates political havoc, and can also lead to infrastructure problems. Indeed bot codes, and now the AI-supported bots, are here to stay and the financial services industry – like all of the online economy – suffers. For the financial industry, the situation is even more subtle. A person’s money is the most sensitive and vulnerable point of attack. Hacking a person’s bank account is doable by a bot.
But one needs to think also about the banks and the stock markets themselves. Malicious intents, thefts or even cyber-attacks could wreck entire economies once some refined AI bots can penetrate financial control systems. For quite some time now, Nike has had a problem with people using bots to automate bids on some high-end sneakers, just to find their products back on sale on a dark market. Nike sees this as a huge reputational risk. True liveliness can solve this immediately, and clean up the whole of online bidding. One has to think about Crypto and Blockchain too. The Trust protocol that will power the Internet 3.0 is pretty much hyped these days, as banks and even national banks build their cryptocurrency capabilities, and the legal and the medical professions are eyeing this technology as well. But does anyone know that, for all of its robustness, the delocalized shared ledgers cannot ensure that a human initiated a contract and that another human is the beneficiary of said contract? Pretty crazy right?
Because for these applications, like for the whole of the web-based economy, we are relying either on CAPTCHA or Re-CAPTCHA or on some numeric codes that are sent to another device. With CAPTCHA, for years, human-generated data that proved we were humans have been used to train evermore-sophisticated AI software to become more human-like, for the betterment of user experience. Making CRM bots more human and empathic is assuredly a plus, however this created a cat-and-mouse game, where we had to go from wiggly letters, to riddles, to mosaic images and now to the position of objects, or even to the ultimate mass-surveillance tech: the no-CAPTCHA from our colleagues at Google. The human started to become the friction point in those challenges as bots are faster at solving them than… me for example. And I am quite sure that I am not the only one who had to take repeated challenges to prove that I was a human being. As far as dual factors with codes sent to another device go, they are relatively safe but do not prove that you are a human at all.
To ascertain that someone hitting a web page or requesting a web service or securing an online purchase is not a bot, physiology-based signals are perfect and frictionless. Hence, a no-CAPTCHA does not have to pry on people’s data, their privacy, or their whereabouts. Neuro-technology offers an easy way to ascertain that someone is not a bot, and at the same time it fully breaks down this cat-and-mouse game, as NOT a single bit of personal or human data is collected and exchanged. Instead of a CAPTCHA challenge, or of a dual factor code, a request to touch one’s phone (or tablet) is sent, the requester touches it, and into the desired spaces he/she goes.
Biometric-based CAPTCHA replacements, like Aerendir’s Presens product, are fast, mindless and make all the rest a thing of the past. They fully protect the consumer’s privacy, and they can easily be pushed towards the users in any 3rd party mobile application, and the servers can just challenge the mobile device when the user lands on the web page.
FindBiometrics: Because it uses the mobile device as a form factor, Aerendir’s technology seems well positioned in the digital transformation trend we’re seeing sweep not just financial services, but all of society. Can physiologic biometrics act as a bridge for digital and physical identity?
Aerendir: Indeed it can.
The IT world, like all of the economy, goes mobile. Social media platforms get accessed from the user’s mobile devices at a rate between 60 and 70 percent. M-commerce comes in addition to E-commerce. 5G is coming, movies and games are now aligned on the on-demand model. Hence it all becomes very fluid and mobile, as the human user wants everything at his/her fingertips at all times. The IoT itself is delocalized and local by definition, and there it is not the devices that have to move about, but the humans that are mobile in a fixed environment. Those two paradigms are a bit like mirror images. In one, humans/devices need to access centralized services; in the other, humans/devices need to access local decentralized services. In both cases however, we need to prove who we are.
It is quite easy to visualize that if a technology allows the human body to become a generic password, we can satisfy those needs at all times, just by being here or there. It is the future domain of the wearables and the smartphones. The smartphone, by its sheer power and top chipsets, will take the lead. Even if the wearables will find their ideal niches – most likely in medicine, health and wellness – their chipsets will likely remain based on microcontrollers and SoCs (systems on chips) for pricing reasons – a market-successful wearable may not cost more than $100.
If we think about the needs, this implies an infinite need for entropy (to generate the daily many billions of key pairs), it implies zero-knowledge keys or keys-on-the-fly, it implies strong authentication and identity verification, and it implies the capability to go seamlessly and effortlessly from point A to point B while being recognized albeit SAFELY, and while keeping one’s privacy at all times when needed, or giving it at other times when needed.
When the body becomes the password all of those needs are actually met. Biological signals are never twice the same and yet they contain invariants. So if we use the variable parts, we have an easy and cheap source of entropy. Entropy as a service is, as we are speaking, a priority action for NIST. The alternative to biology is the quantum box – but those quantum-based entropy generators are very costly – between $1 and $2 MM apiece – so using correctly parsed bio-signals, we can decrease the costs by a factor of 100 to 1000. If this is not a long-term competitive advantage – the famous LTCA dear to generations of MBA graduates – I do not know what is!
Then by fusing the chain of trust (based on Certificates) to biometrics (on-board), one can create and support the chain of identity by having higher order certificates, and using the actual transport layer protocols, one can build products that were not possible a couple of years ago. Just using physiologic biometrics allows one to meander and wander across the whole of the IoT and the Internet and the web services, while being authenticated as legitimate owner or user of a device or of a process while either giving away one’s strong authentication and identity, or not – the same technology allowing for pseudonymous legitimacy – that is, being UNIQUELY AND SAFELY recognized and authorized without giving away one’s full identity. Choosing Security over Privacy was never the right question, and physiology allows not choosing, as it can do both at the same time.
FindBiometrics: What are some examples of how Aerendir can unite the digital and physical user experience?
Aerendir: Based on our neural tapping platform, we can cater to those new needs. If we focus on the variable parts of our biological signals, we can easily provide entropy to the planet. This is not an overstatement: a single neuroprint could provide for tens of thousands of random UNIQUE key pairs, succeeding where mathematical functions reach their limits and failure point. If we use the invariant part of the neuromuscular signals, we can extract our very strong biometrics – aka Neuroprint – that can be used wherever any other biometrics is now used, but with the extra advantages that ONLY physiology can provide – this seamless interaction with our infrastructures. To that effect, we also built a product called A-Cert wherein we create super-certificates where we fuse Biometrics and Trust Authorities to create a chain of Identity that can be used for any encryption needs from key pairs to neuro-based personal data (PII) self-encryption. This will offer all users the possibility to be compensated for their data – if they so wish – or to keep those data safely away if not. The same product may reveal the user identity – like at a border crossing for example – or may keep the user incognito – like in routine IoT needs, like buying concert or game tickets as another example.
But the most immediate and useful products that Aerendir offers now are A-Live – our liveliness – and Presens – our anti-AI bot or NOCAPTCHA replacement (two versions depending on the way it is shaped). Those products, on their own, already usher us ALL into the realm of the Seamless IT, where physical and digital Identities are fused but where the Privacy of the person is protected and shielded at all times.
This fusion is a need as on-line breaches do have very damaging off-line consequences, but it does not bring us towards some other countries’ models where social scoring becomes the norm, leading us into a techno-dictatorship.
Our open societies truly need SECURITY but not at the price of the Safety and Privacy of us all. And this is not a contradiction or a forced choice anymore, it is perfectly doable. That is the true revolution of physiological biometrics.
FindBiometrics: How do you expect physiologic biometrics to evolve in our industry, and where do you expect them to fit into the biometrics landscape over the next five to ten years?
Aerendir: Our whole industry is – or so I think – like the arms race. As technology evolves we oftentimes end up in cat-and-mouse games: people have to remember that the first implementation of the fingerprint on a smartphone was hacked the very same day of its release. With the same smartphone, a picture of the hand of the German defense minister was taken at quite a distance, and his fingerprints could be extracted from that picture and then his smartphone was hacked. The Chaos Computer Club in Germany did this at the time. The second coming of the fingerprint was on the screen of another phone brand. There it lasted two-to-three weeks before it was once again hacked. So far, there are hundreds of tutorials on YouTube to explain how to circumvent fingerprint authentication.
So technology is regularly used to beat technology. For many reasons, some of them like the ethnic or feature biases in the source coding, the fact that female faces (vascular shading, hormones, make-up…) pose such reliability problems that the main company selling it advises them to have more than one profile, but also mostly because an adversarial neural network can, by removing a few pixels from a 10-million-pixel picture, bring the authentication performance down to zero! Not a decrease of a few percent, just a collapse. Or some scientists succeeded in generating vanilla faces based on big data statistics, that are able to crack open up to 20 percent of all Face Rec profiles. Once again tech beats tech.
Another problem is that all biometrics are essentially not compatible with centralized databases. This is not just a fanciful opinion of mine, but a hard reality check. We can all survive a breach and the loss of a credit card, but we cannot survive intact the loss of our biometrics. Because once breached we are no longer reliable, we effectively become second class citizens and will never be able to enjoy the full power of the IoT and the Internet – and this cannot happen of course. This happened in India more than one year ago; close to 200 million profiles are thus no longer acceptable and accepted.
Another and entirely novel situation arose because of the ease with which one can generate very deep fakes. It used to be the purview of the movie industry, and cost a lot of time and money to generate synthetic images. Those days are gone, as this technology went mobile over the past 18 months. This created novel business opportunities for the entertainment industry but also killed most biometrics that would be based on images, on anatomical features… there is no dynamic in frozen pictures. Hence this race towards evermore factors, 2FA, 3FA and in the end, more friction to the user and, permanent and total monitoring like cattle?
Not to mention that now cyber fraud and all the hacks are supported by easy to train, operate and manipulate AI and AI-driven bots. Those four are not all but a few of the pressure forces that will drive Biometrics for the next ten years. Hence let’s see now where my educated answer fits your question. First, physiology will take center stage in our field, not because Aerendir is a player but because it resolves numerous problems all at once. Physiology is the unique way to ensure that we move away from this cat-and-mouse game. Because the signals are never twice the same, statistics or AI driven by big data are useless to crack, hack or spoof it. This entropy is what physiology is about. So essentially Liveliness comes naturally as a byproduct; no need to design or create ad hoc pseudo-live components, it just sits there. I think this will be the main reason that physiology may become the last man standing in this battle royale for the authentication market.
Recognizing each human is done by extracting the invariant parts of the signals that are person-specific, but using those that are NOT person-specific, one can build the ultimate anti-bot. And I see this as the frontier for the next couple of years. Physiology will go way beyond biometrics and will become a needed asset in our actual cyberwar – this is the best defense countermeasure ever – whether the assault is initiated by a nation or by cybercriminals does not make any difference. Think for one second about this: no matter how skilled and refined the spoofing or the hacking code will be, no matter all the AI that will go into it, it will never have a heartbeat, or a brainbeat – life itself is the best criterion for human-bot segregation and this has immense value throughout the web service industry and for any user, not to mention our full IT infrastructure. Zero-trust is only a partial solution and quite frankly a dead-end for an open and democratic society.
So Physiometrics or physiological biometrics will bring about an era where we can choose to have passive collection if needed. Passive ID-ing avoids those “check points” where one could intercept anything, and where PII databases will no longer be in use.
At Aerendir, we are also working on the universal IoT key, where the body truly becomes the password for ANY-thing. We are building it by merging the chain of Trust with the Physiology, thereby creating a chain of identity that links personal devices and the users; we are building this on top of secure TLS – not against it – and it will be auditable, transferable.
Stay tuned for next year…
In the next three years, physiological biometrics will also become the needed complement to the trust protocol in the Blockchain, because as of now, regardless of the tech and code versions, and of the reliability of the distributed ledger, no one can ascertain who is the “initiator” of a contract, data or monetary transfer, and who is the “recipient” of said interactions. We are not even sure that it is a “who” – that is a human being, as bots could do that too. So if we are serious about the blockchain becoming the web 3.0, we need physiology in there. This is not a vision, it became a need – tech beats tech, remember?
Aerendir is a Platinum Sponsor of the June 23 FindBiometrics Identity Summit. Register now to see this conversation continued on our virtual stage!